> TritonInfoSec News
Home / May 05, 2026 / Story
0
#2 SecurityWeek general May 04, 2026 at 08:25 UTC

Over 40,000 Servers Compromised in Ongoing cPanel Exploitation

By Ionut Arghire

AI Summary

Over 40,000 servers have been compromised in ongoing attacks exploiting CVE-2026-41940, a recently patched zero-day vulnerability in cPanel that grants administrative access. The exploitation is targeting government, military entities in Southeast Asia, and MSPs across multiple countries including the Philippines, Laos, Canada, and the U.S.

Read full article → https://www.securityweek.com/over-40000-servers-co…

Relevance score: 92.0/100

# More from May 05

  1. 1
    CISA says ‘Copy Fail’ flaw now exploited to root Linux systems BleepingComputer
  2. 3
    Exploit Cyber-Frenzy Threatens Millions via Critical cPanel Vulnerability Dark Reading
  3. 4
    Progress warns of critical MOVEit Automation auth bypass flaw BleepingComputer
  4. 5
    Trellix discloses data breach after source code repository hack BleepingComputer
  5. 6
    Instructure confirms data breach, ShinyHunters claims attack BleepingComputer
  6. 7
    Phishing Campaign Hits 80+ Orgs Using SimpleHelp and ScreenConnect RMM Tools The Hacker News
  7. 8
    Backdoored PyTorch Lightning package drops credential stealer BleepingComputer
  8. 9
    DigiCert Revokes Certificates After Support Portal Hack SecurityWeek
  9. 10
    Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing in India and Russia The Hacker News